package com.cskaoyan.controller;

import com.cskaoyan.annotation.LogAnnotation;
import com.cskaoyan.bean.AdminInfoBean;
import com.cskaoyan.bean.BaseRespVo;
import com.cskaoyan.bean.InfoData;
import com.cskaoyan.bean.LoginUserData;
import com.cskaoyan.bean.param.FileParam;
import com.cskaoyan.bean.po.AdminLogPO;
import com.cskaoyan.bean.po.AdminPO;
import com.cskaoyan.bean.vo.AdminInfoVO;
import com.cskaoyan.config.shiro.MallToken;
import com.cskaoyan.service.AdminService;
import com.cskaoyan.util.EncryptUtils;
import com.cskaoyan.util.StringToArrayUtils;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.authz.annotation.Logical;
import org.apache.shiro.authz.annotation.RequiresPermissions;
import org.apache.shiro.session.Session;
import org.apache.shiro.subject.Subject;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;

import javax.servlet.http.HttpServletRequest;
import java.io.Serializable;
import java.util.ArrayList;
import java.util.Date;
import java.util.List;
import java.util.Map;

//shiro整合之后，在做具体的开发
//响应结果都是JSON，Controller组件上我们都用@RestController注解
@RestController
@RequestMapping("admin/auth")
public class AuthController {
    @Autowired
    AdminService adminService;

    /**
     * 如果参数比较少，类型比较简单的话，使用map来接收也可以
     *
     * @return
     */
    @LogAnnotation
    @PostMapping("login")
    public BaseRespVo login(@RequestBody Map map,HttpServletRequest request) {
        String username = (String) map.get("username");
        String password = (String) map.get("password");

        List<AdminPO> adminPOS = adminService.selectAdminByAdminName(username);
        AdminLogPO adminLogPO = getAdminLogPO(request, username, adminPOS);
        request.getSession().setAttribute("loginWrong",adminLogPO);

        Subject subject = SecurityUtils.getSubject();
        subject.login(new MallToken(username, EncryptUtils.encrypt(password), "admin"));

        AdminPO adminPO = (AdminPO) subject.getPrincipals().getPrimaryPrincipal();
        LoginUserData loginUserData = new LoginUserData();
        AdminInfoBean adminInfo = new AdminInfoBean();
        adminInfo.setAvatar(adminPO.getAvatar());
        adminInfo.setNickName(adminPO.getUsername());
        loginUserData.setAdminInfo(adminInfo);
        loginUserData.setToken((String) subject.getSession().getId());
        return BaseRespVo.ok(loginUserData);
    }

    @RequestMapping("info")
    public BaseRespVo info(String token) {
        Subject subject = SecurityUtils.getSubject();
        AdminPO adminPO = (AdminPO) subject.getPrincipals().getPrimaryPrincipal();
        AdminInfoVO adminInfoVO = adminService.queryInfo(adminPO);
        return BaseRespVo.ok(adminInfoVO);
    }

    private AdminLogPO getAdminLogPO(HttpServletRequest request, String username, List<AdminPO> adminPOS) {
        AdminLogPO adminLogPO = new AdminLogPO();
        if (adminPOS.size() > 0) {
            adminLogPO.setAdmin(username);
        }else {
            adminLogPO.setAdmin("匿名用户");
        }
        adminLogPO.setIp(request.getRemoteAddr());
        adminLogPO.setType(1);
        adminLogPO.setAction("登录");
        adminLogPO.setStatus(false);
        adminLogPO.setResult("账户名或密码错误");
        adminLogPO.setAddTime(new Date());
        adminLogPO.setUpdateTime(new Date());
        adminLogPO.setDeleted(false);
        return adminLogPO;
    }
}
